Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1742
Views
5
Helpful
5
Replies

Voicemail showing as "has stopped working" when using MRA & SSO via Expressway 8.5.1

BrianSkelly
Level 1
Level 1

‎01-31-2015 06:06 AM - edited ‎03-19-2019 09:07 AM

Hello Everyone,

I have my Mac connected to our CallManager via Expressway 8.5.1 MRA using SAML SSO using Jabber Version 10.6.0 (202336).

Our CallManager, IM&P and Unity Connection Servers are all 10.5.2

My issue is that Voicemail shows as "has stopped working". It does not do this for SSO users who are not using MRA.

If I disable SSO it works fine (username/password on Jabber starup and same username/password on Voicemail login page once connected)

I have not yet tested if Jabber for Windows is affected when using MRA via Expressway.

UPDATE: This issue affects Jabber for iOS as well with the same error

I have a Problem Report from the machine if required.

 

Any help you can provide will be appreciated.


Many Thanks,

Brian Skelly

4 people had this problem
Labels:
Preview file
61 KB
0 Helpful
5 Replies 5

heathrw
Level 4
Level 4

‎07-28-2015 05:12 PM

Hi,

 

Have you fixed this. I am having the same issue with SSO enabled for MRA.

0 Helpful

Hank Keleher
Level 1
Level 1
In response to heathrw

‎01-18-2016 01:42 PM

Did either of you get an answer to this? I've just deployed a similar solution and seeing the exact same issue.


Thanks!

0 Helpful

carlnewton
Level 3
Level 3
In response to Hank Keleher

‎04-12-2016 03:46 AM

I have the same issue. Looks like unity is denying the request, even though SSO is configured on unity and works fine.

2016-04-12T06:38:21-04:00 uschixxx05 edgeconfigprovisioning: UTCTime="2016-04-12 10:38:21,868" Module="developer.edgeconfigprovisioning.server.sso" Level="WARN" CodeLocation="samlhelpers(684)" Service="SSO" Detail="Required AuthnInstance attribute not found"
2016-04-12T06:38:21-04:00 uschixxx05 edgeconfigprovisioning: UTCTime="2016-04-12 10:38:21,869" Module="developer.edgeconfigprovisioning.uds" Level="INFO" CodeLocation="udsmanager(590)" Service="UDSManager" Detail="Verifying UDS" Domain="companyuc.com" Deployment="1" Identity="('username', 'TestUC.Boston2')"
2016-04-12T06:38:21-04:00 uschixxx05 edgeconfigprovisioning: Level="INFO" Event="Edge SSO" Service="SSO" Detail="Received request for Edge SSO access" Local-ip="127.0.0.1" Local-port="22111" Src-ip="127.0.0.1" Src-port="33811" username="TestUC.Boston2" UTCTime="2016-04-12 10:38:21,869"
2016-04-12T06:38:21-04:00 uschixxx05 edgeconfigprovisioning UTCTime="2016-04-12 10:38:21,875" Module="network.http.sso.server" Level="DEBUG" Action="Send" Url="https://uklonxxx06.eu.companyuc.com:8443/ssosp/token/authorize_proxy"

HTTPMSG:
|POST //uklonxxx06.eu.companyuc.com:8443/ssosp/token/authorize_proxy HTTP/1.1
 Content-Type: ['application/x-www-form-urlencoded']
Authorization: <CONCEALED>
User-Agent: ['TANDBERG-Video-Communication-Server/X8.7.1']
client_id=***REMOVED BY CARL***
|

2016-04-12T06:38:21-04:00 uschixxx05 edgeconfigprovisioning: UTCTime="2016-04-12 10:38:21,875" Module="developer.edgeconfigprovisioning.twisted" Level="INFO" CodeLocation="_observer(131)" Starting factory <twisted.web.client._HTTP11ClientFactory instance at 0x7f2e63de6cf8>
2016-04-12T06:38:22-04:00 uschixxx05 edgeconfigprovisioning UTCTime="2016-04-12 10:38:22,515" Module="network.http.sso.server" Level="DEBUG" Action="Received" Request-url="https://uklonxxx06.eu.companyuc.com:8443/ssosp/token/authorize_proxy"

HTTPMSG:
|HTTP/1.1 401 Unauthorized
<!-- custom Cisco error page --><html>    <head>        <title>            Cisco System - Error report        </title>        <style type="text/css">            a {                color: #316984;                text-decoration: none;            }            a:hover {                color: #316984;                text-decoration: underline;            }            a:visted {                color: #316984;                text-decoration: none;            }            body {                background-attachment: fixed;                background-color: #ffffff;                background-repeat: no-repeat;                color: #316984;                font-family: arial,helvetica,sans-serif;            }            #content {                border: 1px solid #d6d7d6;                font-size: 93.5%;                margin: 0px 10% 30px 10%;            }            #content-header {                background-color: #eeeeee;                border-bottom: 1px solid #666666;                color: #666666;                font-size: 124.5%;                padding: 5px 15px 5px 15px;            }            #copyright {                font-size: 75%;                margin: 0px 10% 0px 10%;                padding: 3px 0px 0px 0px;                text-align: right;            }            img {                display: block;                margin: 0px 0px 20px 0px;            }            #logo {                margin: 30px 10% 0px 10%;            }            p {                padding: 5px 15px 5px 15px;            }            pre {                padding: 5px 15px 5px 30px;            }        </style>    </head>    <body>        <div id="logo">            <img src="/ciscologo.gif" alt="Cisco Systems, Inc." />        </div>        <div id="content">            <div id="content-header">HTTP Status 401 -             </div>            <p>                <b>                    type:               </b> Status report            </p>            <p>                <b>message:               </b>             </p>            <p>                <b>description:               </b> This request requires HTTP authentication.            </p>        </div>    </body></html>
|

2016-04-12T06:38:22-04:00 uschixxx05 edgeconfigprovisioning: Level="WARN" Event="Edge SSO" Service="SSO" Detail="Authorization failed" Dst-ip="127.0.0.1" Dst-port="33811" Local-ip="127.0.0.1" Local-port="22111" Reason="Invalid response code from authorization server: expected 200, got 401" username="TestUC.Boston2" UTCTime="2016-04-12 10:38:22,516"
2016-04-12T06:38:22-04:00 uschixxx05 edgeconfigprovisioning UTCTime="2016-04-12 10:38:22,516" Module="network.http.sso.server" Level="DEBUG" Action="Sent" Local-ip="127.0.0.1" Local-port="22111" Dst-ip="127.0.0.1" Dst-port="33811" Code="403"
HTTPMSG:
|HTTP/1.1 403 Forbidden
 Server: ['CE_C ECS']

0 Helpful

Simon Battye
Level 2
Level 2
In response to carlnewton

‎04-13-2016 04:29 AM

I had a similar issue that was based on this Bug: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCux52984/

The account i was using in Expressway-Core to connect with the UCXN servers did not have access to /ssosp/token/authorize_proxy.

I changed the account the the administrator account used when installing UCXN, turned off TLS and reset my Jabber client, when logging back in i got visual voicemail.

abernardollc
Level 1
Level 1
In response to Simon Battye

‎05-06-2016 10:24 AM

Simon,

Thanks for your post, it helped me out, as I ran into the same issue.  

The Jabber client connection just noted that there was a permission issue. I used an account with all the roles I could possibly assign.  Changed it to the original admin account and it worked right away.

0 Helpful
Customers Also Viewed These Support Documents